Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Join our GRC team as a QSA Consultant, delivering security consultancy and assessments.
- Company: LRQA Nettitude is a global leader in cyber security, serving diverse clients from banks to retailers.
- Benefits: Enjoy remote work flexibility, personal growth opportunities, and involvement in the cyber community.
- Why this job: Make a real impact in cyber security while collaborating with a passionate team.
- Qualifications: Active QSA with PCI DSS experience and ISO 27001 knowledge required; leadership skills are a plus.
- Other info: Engage in industry events and continuous learning beyond certifications.
About LRQA Nettitude
Founded in 2003, LRQA Nettitude is a global leader in cyber security, offering world-class services in red teaming, penetration testing, threat intelligence, R&D, detection and response, and GRC. Our clients range from central banks and government bodies to major retailers and critical national infrastructure. We're an award-winning cyber security provider at an exciting stage of growth. As technology and threats evolve, we're looking for talented individuals to help us stay at the forefront of the industry.
The Role - QSA Consultant (UK, Remote)
We're looking for a QSA to join our GRC team in a home-based role, with travel to client sites (mostly in the UK). You'll deliver security consultancy in areas including:
- PCI DSS consultancy and assessments
- ISO 27001 gap analysis and implementation support
- Risk assessments and third-party risk management
- Reviews against standards like NCSC's 10 Steps and NIST CSF
Requirements
Essential:
- Active QSA with experience in complex PCI DSS assessments
- ISO 27001 experience, including ISMS implementation and certification
- Familiar with NIST CSF and basic IT/security concepts (networking, OS, etc.)
- Comfortable leading client-facing consultancy work
- Self-organized and quality-focused
Desirable:
- Knowledge of NIS directive, NCSC CAF, or CAA ASSURE
- Experience presenting to C-level audiences
- Mentoring or team leadership experience
- Security awareness training delivery
- Hands-on technical experience (past or present)
Certifications
As a QSA, you must meet PCI SSC requirements (certs from List A & B). Useful certifications include:
- ISO 27001 Lead Auditor/Implementer
- CISSP, CISM, CISA, CRISC
What We Offer
Join a high-performing, people-focused team with a strong culture of collaboration. We support remote work, personal growth, and getting involved in the broader cyber community.
You'll have opportunities to:
- Make a difference - shape services and challenge the status quo
- Get involved - blog, speak, or attend industry events
- Keep learning - beyond certifications, explore new domains and ideas
QSA Consultant employer: CV-Library
Contact Detail:
CV-Library Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land QSA Consultant
✨Tip Number 1
Network with professionals in the cyber security field, especially those who are already working as QSAs. Attend industry events or webinars to connect with potential colleagues and learn about their experiences.
✨Tip Number 2
Familiarise yourself with the latest trends and updates in PCI DSS and ISO 27001 standards. This will not only enhance your knowledge but also demonstrate your commitment to staying current in the field during interviews.
✨Tip Number 3
Prepare to discuss real-world scenarios where you've successfully led client-facing consultancy work. Highlight your problem-solving skills and how you’ve managed complex assessments to showcase your expertise.
✨Tip Number 4
Consider creating a portfolio of your past projects and achievements related to PCI DSS and ISO 27001. This can serve as a powerful tool to illustrate your experience and capabilities during discussions with potential employers.
We think you need these skills to ace QSA Consultant
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience as a QSA, particularly in PCI DSS assessments and ISO 27001. Use specific examples that demonstrate your skills and achievements relevant to the role.
Craft a Compelling Cover Letter: Write a cover letter that showcases your passion for cyber security and your understanding of the industry. Mention your familiarity with NIST CSF and any relevant certifications you hold, explaining how they make you a strong candidate.
Highlight Client-Facing Experience: Since the role involves leading client-facing consultancy work, emphasise any previous experience you have in this area. Provide examples of how you've successfully managed client relationships and delivered results.
Showcase Continuous Learning: Mention any ongoing professional development or training you are pursuing. This could include certifications or participation in industry events, which demonstrates your commitment to staying current in the field.
How to prepare for a job interview at CV-Library
✨Showcase Your QSA Experience
Make sure to highlight your active QSA status and any complex PCI DSS assessments you've conducted. Be prepared to discuss specific challenges you faced and how you overcame them, as this will demonstrate your expertise and problem-solving skills.
✨Demonstrate Knowledge of Standards
Familiarise yourself with ISO 27001, NIST CSF, and other relevant standards. During the interview, be ready to explain how you've applied these standards in past roles, particularly in risk assessments and third-party risk management.
✨Prepare for Client-Facing Scenarios
Since the role involves leading client-facing consultancy work, practice articulating your approach to client interactions. Think of examples where you've successfully communicated complex security concepts to non-technical stakeholders, especially at the C-level.
✨Emphasise Continuous Learning
Express your commitment to personal growth and staying updated with industry trends. Mention any recent training, certifications, or events you've attended that relate to cyber security, as this shows your dedication to the field and aligns with the company's values.
